package com.liuguang.testassert.filter;

import com.liuguang.testassert.enums.CheckParamEnums;
import com.liuguang.testassert.security.UserDetailServiceImpl;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.i18n.LocaleContextHolder;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Component;
import org.springframework.web.context.WebApplicationContext;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.support.WebApplicationContextUtils;
import org.springframework.web.filter.OncePerRequestFilter;

import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.ArrayList;
import java.util.List;

/**
 * @ClassName: MyFilter
 * @Description： 1、使用过滤器拦截请求，实现项目挂在别的项目下
 * 拦截请求对请求参数进行解析，开启Springsecutity的权限验证及授权，其实主要是授权，不需要认证，登录进来的用户都是在别的项目下进行过验证的
 * 过滤器拦截请求主要是对用户的权限进行获取，并添加到Authrntication中，获取的权限主要是获取用户的角色，
 * 在decide方法中，根据url获取到角色列表， 根据角色判断用户能不能登录
 * 数据库表：
 * user 用户表：保存用户的基本信息
 * role 角色表： 角色的基本信息
 * menu 权限表，菜单表：保存 菜单名、url
 * <p>
 * 2、登录过程
 * @Author: wanghr
 * Date: 1:53 PM 2020/6/1
 * Version: 1.0
 */
//@WebFilter(urlPatterns = "/*")
//@ComponentScan("com.liuguang.testassert")
//@Component
public class MyFilter extends OncePerRequestFilter {
    private final static Logger logger = LoggerFactory.getLogger(MyFilter.class);

    @Autowired
    private UserDetailServiceImpl userDetailService;


    @Override
    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response,
                                    FilterChain filterChain) throws ServletException, IOException {
        logger.info("自定义过滤器拦截的 URI：{}", request.getRequestURI());
        logger.info("自定义过滤器拦截的 请求参数：{}", request.getQueryString());
        String username = request.getParameter("username");
        String password = request.getParameter("password");
        CheckParamEnums.PARAM_IS_NULL.assertNotNull(username);
        CheckParamEnums.PARAM_IS_NULL.assertNotNull(password);
        logger.info("传入用户名和密码：{}，{}", username, password);

        //这两个容器中内容，在RequestContentFilter 中会将当前request 暴露到这两个容器。
//        String country = LocaleContextHolder.getLocaleContext().getLocale().getCountry();
//        String[] attributeNames = RequestContextHolder.currentRequestAttributes().getAttributeNames(0);

        //启动security验证流程
        Authentication authentication = userDetailService.loadUser(username);
        SecurityContextHolder.getContext().setAuthentication(authentication);

        logger.info("--------------------------------");
        filterChain.doFilter(request, response);
    }
}
